# Test-ADCredential.ps1
CLS
<#
.Synopsis
Verify Active Directory credentials
.DESCRIPTION
This function takes a user name and a password as input and will verify if the combination is correct. The function returns a boolean based on the result.
.NOTES
Name: Test-ADCredential
Author: Jaap Brasser
Version: 1.0
DateUpdated: 2013-05-10
.PARAMETER UserName
The samaccountname of the Active Directory user account
.PARAMETER Password
The password of the Active Directory user account
.EXAMPLE
Test-ADCredential -username jaapbrasser -password Secret01
Description:
Verifies if the username and password provided are correct, returning either true or false based on the result
#>
function Test-ADCredential {
[CmdletBinding()]
Param
(
[string]$UserName,
[string]$Password
)
if (!($UserName) -or !($Password)) {
Write-Warning 'Test-ADCredential: Please specify both user name and password'
} else {
Add-Type -AssemblyName System.DirectoryServices.AccountManagement
$DS = New-Object System.DirectoryServices.AccountManagement.PrincipalContext('domain')
$DS.ValidateCredentials($UserName, $Password)
}
}
try{ $testADCredential = $null; $testADCredential = Get-Credential } catch { $testADCredential = $null; }
if($testADCredential -ne $null) { Test-ADCredential -UserName "$($testADCredential.UserName)" -Password "$($testADCredential.GetNetworkCredential().password)"; }
pause; return;
Active Directory account locking out after password reset
Several end-users account locking out after recently resetting their domain password.
Our domain policy is lockout Threshold 3 attempts. They are getting locked out after 1 try. Once the user logs in, any network or domain resources they try to get to prompt them for their credentials because they are locked out. Their domain account shows locked in AD as well.
Continue reading “Active Directory account locking out after password reset”